Bash 'shellshock' bug - READ THIS!

From Pbxwiki

Revision as of 10:00, 26 September 2014 by Adminwiki (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search



A vulnerability in the bash scripting language was disclosed on 24/9/2014. You can read about it here

All SARK variants, except SARK500, built on or before 25/9/2014 have this vulnerability. To be certain, you should run the check below and apply the fix if necessary


You can check your bash using the following command

env X="() { :;} ; echo busted" `which bash` -c "echo completed"

If the command returns the word "busted" then the bash version has the vulnerability.

To fix your SARK site do the following


all Debian releases (including SARK200)

apt-get update
apt-get install bash

SME Server 8.0 based releases

yum update bash

Other releases

If you have an smeserver release prior to SME 8 then you must upgrade to smeserver 8.0 and apply the above update.

Personal tools